A severe vulnerability is discovered in one of the core components of Windows. Microsoft has since released an urgent out-of-band patch to all affected machines.
“Microsoft is aware of a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target SMB Server or SMB Client.” reads the advisory published by Microsoft.
OneMap3D is envisioned to be “Asia’s first, open-source 3D nationwide map”.
OneMap 3D (sic) will enable users to orient themselves in a three-dimensional representation of the real world, empowering them to navigate around identifiable landmarks, walkways and even void deck spaces. OneMap 3D will first be launched to developers by the end of 2020.
Full disclosure: we are enrolled in OneMap3D Developer Programme and are bounded by the NDA. The following content does not reveal anything that is forbidden by the NDA.
It appears that earlier articles use the term “OneMap 3D” and recent ones “OneMap3D”. For consistency we will use the term “OneMap3D”.
Background
In 2014, Singapore announced the launch of the Smart Nation Initiative, of which Virtual Singapore is a key feature. One of the products of Virtual Singapore is the island-wide 3D map of Singapore. Today, the custodian of this 3D map is the Singapore Land Authority (SLA), and the platform in which this data will be available is called OneMap3D.
This article primarily focuses on the comparison of 3D model available on Google Maps and OneMap3D. Other aspects such as API capabilities etc are not explored.
Google Maps 3D
When Google Maps was launched, the world of digital mapping was introduced to the masses. It began with making tile-based maps accessible through the browser. Then Google acquired a company called KeyHole and took over the product to be launched as Google Earth, a desktop application. Google Earth was its foray into interactive 3D mapping – fulling Neal Stephenson’s vision in a round-about way since the original KeyHole application was said to be inspired by the author’s novel.
Nowadays, the line is blurring between Google Maps and Google Earth since the former is capable of showing 3D content as well. On your modern desktop browser, just turn on Satellite mode and if the area happens to have 3D content it will be shown. Singapore is lucky enough to have this feature enabled for a large part of the main island. Our comparison will be based on the 3D content available through Google Maps.
OneMap3D
OneMap3D is envisioned to be the upgrade from the existing OneMap service provided by SLA. By enrolling in the OneMap3D Developer Programme, we are given access to 1) 3D building models, and 2) API to access 3D models.
The 3D building models are provided in CityGML version 2 format. For those who are unfamiliar, “CityGML is an open data model and XML-based format for the storage and exchange of virtual 3D city models.”. It is both an OGC as well as an ISO standard.
The tools for processing CityGML are quite lacking unfortunately, as commercial support is not high. For the purpose of this comparison, we will import CityGML files into 3DCityDB, and export it out as a COLLADA file.
First Look
Google MapsOneMap 3D
At this zoom distance, both models in Google Maps and OneMap3D look quite good. It may not be apparent, but the water tanks on the rooftops for OneMap3D are modelled separately.
Another Example
Google MapsOneMap 3D
For a more articulated building, OneMap3D clearly shines. One can see small features such as the cross on the rooftop and words on the facade can be read.
Model Representation
Google doesn’t reveal how its 3D mapping content is constructed but one can try to guess. One FAQ for Google Earth – which probably shares the same data sources as Google Maps – says that imagery collected includes “satellite, aerial, 3D, and Street View images” from “providers and platforms”. The fusion of all these data into a model should be largely automated and powered by their proprietary algorithms.
Based on how 3D contents are streamed in Google Maps, they should be using some form of progressive mesh techniques.
OneMap3D models are based on buildings and each building is provided as a CityGML file. The likely data sources include LiDAR, aerial photography, site survey, official building footprint, etc. It is apparent that the models are handcrafted through some modelling software and converted to the designated format.
OneMap 3D building mesh
Comparison
As with most things, there are pros and cons to either modelling approaches. Here is a non-exhaustive comparison:
OneMap3D
Pros
Cons
Clean model
Colors/textures can be inconsistent
Optimized
Textures can look repetitive
Sharp even when zoomed in
Subject to human errors
Small features can be seen
Labour intensive
Ground-level details can be seen
Inconsistent texture quality between roof and facadeGround level details can be seen
Google Maps
Pros
Cons
Consistent look and feel
“Melted building” syndrome when close-up
Scalable to large areas
Edges are not straight
Occasional artifacts
Building not separated from terrain mesh
Shadows are not removed
Visual artifacts
More OneMap3D Examples
Summary
OneMap3D represents the herculean effort of creating and maintaining an up-to-date database of 3D building models for the whole of Singapore.
Google Maps approach on the other hand, allows it to scale to potentially any city in the world. And it will only get better with newer data acquisition techniques and algorithms.
Beyond 3D representation, however, OneMap3D’s models also contain rich semantic information that allows it to be used in different types of applications, eg. computing roof surface area. And since buildings are standard 3D assets, they can be used in various types of 3D applications such as VR, gaming, rendering etc. There are clearly pros and cons of either approach and we are excited to see the types of applications that OneMap3D will bring when it officially launches end of the year.
Edit: Contact me if you would like to know more about converting OneMap3D data to other commonly used 3D formats.
This vulnerability affects WhatsApp desktop – which I didn’t know exists – for Mac and Windows. It does so by exploiting unpatched bugs in the older version of Electron that WhatsApp desktop uses.
Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access
Yet another potentially breaking change on the web. This time round it involves cookie handling (in the upcoming Chrome 80). The objective is to close off a class of attacks known as CSRF (cross-site request forgery). Expect other browsers to follow suit.
… any websites you’re responsible for that are passing cookies around cross domain by POST request and don’t already have a SameSite policy are going to start misbehaving pretty quickly
An inside look into the workings of a cybercrime organization. For an organization that purportedly develops sophisticated malware to steal banking credentials, the lack of basic cyber hygiene led to much info being extracted about their dealings. The irony.
The $5 million reward is being offered for 32 year-old Maksim V. Yakubets, who the government says went by the nicknames “aqua,” and “aquamo,” among others. The feds allege Aqua led an elite cybercrime ring with at least 16 others who used advanced, custom-made strains of malware known as “JabberZeus” and “Bugat” (a.k.a. “Dridex“) to steal banking credentials from employees at hundreds of small- to mid-sized companies in the United States and Europe.
This is a simple but brilliantly executed heist. Pretend to be the sender by sending from a similar looking domain.
One of the domains was a look-alike of the Chinese investment company’s domain; the other was a spoof of the Israeli firm’s domain. In both instances, the threat actors simply added an “s” to the end of the original domain name.
The next phase of the scam involved the attackers sending two emails with the same subject header as the original email thread about the planned seed funding.
Money meant to fund an Israeli startup wound up directly deposited to the scammers.
If you ever wondered how you can get Wifi on airplanes – massive objects flying at nearly 600mph at altitudes of more than 35000 feet – it is a feat of engineering explained by this article.
Another data leak, this time involving, let’s see, 1.2 billion people. This was found by security researchers in an unsecured ElasticSearch server – the server is now down. According to analysis, the data most likely comes from data enrichment companies.
A total count of unique people across all data sets reached more than 1.2 billion people, making this one of the largest data leaks from a single source organization in history. The leaked data contained names, email addresses, phone numbers, LinkedIN and Facebook profile information.
…
For a very low price, data enrichment companies allow you to take a single piece of information on a person (such as a name or email address), and expand (or enrich) that user profile to include hundreds of additional new data points of information.
ICANN lifts price caps on .org registry. PE firm acquires .org registry. PE firm appoints former ICANN executives to top positions. Does something seem fishy here? How much does companies like Wikipedia have to pay to keep their .org domain from now on?
Ethos Capital is a new private equity firm lead by Erik Brooks. Brooks was at Abry Partners until earlier this year. Abry Partners acquired Donuts and installed former ICANN President of Global Domains Akram Atallah in the top spot there.
